Hello,
when running GitLab as a hosted instance, accessible from the Internet and having GitLab Runners run on a Kubernetes cluster inside the company network, how to protect it against attacks?
Since anybody with an account can create and change files in repos, they could run any Docker image they want and do whatever they want in the company network.
How to secure against that? Especially in those “DevOps” times when everybody wants to directly deploy to production?